Colonial Pipeline Paid Hackers $5 MILLION Ransom

Horrible. What happened to, ‘we don’t negotiate with terrorists’?

Paying extortionists is an invitation to terrorists the world over. Pandora’s box.

Colonial Pipeline paid European hackers $5M ransom last week: report

By Will Feuer, New York Post, May 13, 2021

Colonial Pipeline forked over nearly $5 million last week to the Eastern European criminal group that hacked the company, shuttering the largest oil pipeline in the US, spurring widespread gas shortages and panic buying across the Southeast.

Bloomberg News reported that Colonial coughed up the ransom just hours after the ransomware attack took place on Friday.

The Alpharetta, Georgia-based company paid the ransom in untraceable cryptocurrency, Bloomberg reported, citing two people familiar with the transaction.

Once the hackers received the payment, they provided Colonial with a decrypting tool to restore its downed IT network, according to the outlet, which reported the fix was so slow that the company opted to use its own backups to help restore the system.

Colonial did not immediately return The Post’s request for comment.

The Bloomberg report contradicts earlier reporting by the Washington Post and Reuters that said the company had no immediate intention of paying the ransom. Those outlets cited anonymous sources.

Ransomware is a kind of malicious software that locks up a user’s data. In ransomware attacks, the hackers often demand a ransom for the unlocking or return of the affected data.

“The FBI does not support paying a ransom in response to a ransomware attack,” according to the FBI’s website. “It [paying ransom] also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”

President Biden on Wednesday signed an executive order intended to improve US cybersecurity after the hack. The order, among other things, establishes a new multiagency Cybersecurity Safety Review Board to review incidents and mandates that federal systems log cybersecurity incidents and use multifactor authentication and stronger encryption.

DarkSide is known to extort cash from corporations and give a cut to charity, the Associated Press reported Sunday, citing sources familiar with the federal investigation of the Colonial hacking.


In a statement reportedly posted on DarkSide’s website last week, the group claimed, “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

The statement, provided to CNBC by the Boston-based security company Cybereason on Monday, added: “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for our motives.”

While Biden stopped short earlier this week of linking the Kremlin and DarkSide, he said that “there is evidence that the actors’ ransomware is in Russia.”

During a White House briefing, Anne Neuberger, deputy national security adviser for cyber and emerging technologies, also described DarkSide as “a criminal actor” but said that “our intelligence community is looking for any ties to any nation-st

